First published: Wed Sep 28 2022(Updated: )
In affected versions of Octopus Deploy it is possible to reveal the Space ID of spaces that the user does not have access to view in an error message when a resource is part of another Space.
Credit: security@octopus.com
Affected Software | Affected Version | How to fix |
---|---|---|
Octopus Octopus Server | >=2019.5.7<2022.1.3180 | |
Octopus Octopus Server | >=2022.2.0<2022.2.7965 | |
Octopus Octopus Server | >=2022.3.0<2022.3.10405 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.